SmartAdvice: Write IT Plan For Nonprofit That Incorporates Values

Measure the value of IT to a nonprofit in a plan with definable standards, The Advisory Council says. Also, plan around security concerns when implementing RFID; and protect confidential HR information the same way as other company data.

Editor's Note: Welcome to SmartAdvice, a weekly column by The Advisory Council (TAC), an advisory service firm. The feature answers three questions of core interest to you, ranging from career advice to enterprise strategies to how to deal with vendors. Submit questions directly to smartadvice@tacadvisory.com

Question A: Everything I've seen about measuring the value of IT focuses on for-profit businesses. How can one measure the value of IT to a nonprofit enterprise?

Our advice: There are two answers to this question, an easy one and a hard one:

The Easy Answer
You work for a non-profit that consciously adopts "best practices" from the for-profit world. There's a written strategy, and its vision and mission statements are crisp and actionable. Goals and objectives have measurable standards.

In this case, you write an IT plan that maps on the priorities expressed in the organizational strategy, and you involve senior and line managers in that process so they understand that you're serious about the mapping. Give your IT plan measurable standards. Then deliver to plan and hold "plan versus actual" reviews.

Make sure that you share goals with key line managers. For example, if you propose a Web log (blog) to improve membership communication, and the membership director agrees to staff it, you should share cost and membership encounter goals. That way, you'll work together easily and there will be no year-end tension about who gets credit.

The Hard Answer
You work for a nonprofit that consciously or unconsciously rejects the more "hard-nosed" of the best practices used in industry. While there are written vision and mission statements, they might best be described as "lofty," versus "crisp and actionable." There are no measurable standards.

If IT is to be perceived as having value, there must be recognition that your group is empowering the core mission of the organization. That requires a social contract at the beginning of any new project (or planning period) recognizing that what you're about to do is beneficial. In the absence of a "crisp and actionable" strategy, you must write a "crisp and actionable" IT plan. (See TAC's advice about writing an IT plan where there is no strategic plan .)

Start by interviewing as many senior and line managers as possible, asking for guidance on how they perceive the core mission of the organization, and how they perceive an "ideal future state" for the organization. Be prepared to test with them some new opportunities to use technology. Work to build a consensus on what your priorities should be. Document that consensus priority list in your IT plan. Then include non-IT metrics in the IT plan. For example, if there's consensus that a new membership system is needed, and that the intent is to increase membership, to lower administrative costs, and to increase communication with the members--but none of that is quantified or written down--then quantify it and write it down in the IT plan. Yes, that means you've accepted a membership growth goal. Fine.
Make sure to hold regular "plan versus actual" reviews. Enlist satisfied line managers to describe the impact of your systems on the core mission, and encourage them to try to quantify that impact, especially where there are quantified metrics in your IT plan.

There are two kinds of perceived value you're trying for with this approach. The first is to get your group to be seen as a) concerned with the core mission and b) reliable. You want to hear a senior manager say "These IT guys really try to make us successful, and they deliver to specific promises." Every manager, for-profit or non-profit, values those traits. Second, you're trying to instill the notion that quantifiable measurements are appropriate in altruistic work since they make the altruistic work more effective. (They also make it easy to measure and value IT.)

To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.

Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.